This Privacy Policy describes ACC Advisors Ltd’s practices for collecting, using, maintaining, protecting and disclosing information in relation to visitors. This Policy has been drafted in line with Article 12 of the General Data Protection Regulation which states that the controller shall take appropriate measures to provide information where personal data is to be collected[1] and where personal data have been obtained but not from the data subject[2].

1.    Who we are?

ACC Advisors Ltd (hereinafter referred to as “We” or “Us”) operate a general informational website regarding the services offered by ACC Advisors Ltd, with the functionality of contacting Us to ask a question, inquire about Our services, make a complaint, or leave any feedback. We currently operate from 159, Merchant Street, Valletta, Malta, Europe. Persons having interest in obtaining more information on our practices or otherwise can send an email on info@accadvisors.eu. We respect the privacy of individuals, and we are committed to protect the information of visitors.

2.    What data do We collect?

This Policy applies mutatis mutandis to data collected from Our website https://www.maltaimmigration.eu/ (including its respective translated versions) , https://permanent-residence.maltaimmigration.eu/ (including its respective translated versions) and https://malta-citizenship.maltaimmigration.eu/ (including its respective translated versions),  (hereinafter referred to as the “ACC Immigration Website”).  Visitors to the ACC Immigration Website hereinafter shall be referred to as “You” or “Yourself“.

In accordance with the General Data Protection Regulation (hereinafter referred to as “GDPR”), personal data is any information which is related to an identified or identifiable natural person, whether directly or indirectly, in particular by reference to an identifier such as a name and any location information, and to an online identifier, such as for instance, an e-mail address (hereinafter referred to as “Personal Data”).

We collect the following Personal Data:

Personal Data that You might provide to Us when You contact Us to ask a question, inquire about Our services, make a complaint, or leave any feedback.

Personal Data we collect automatically:

  • when making use of the ACC Immigration Website

As you navigate through our website we may use cookies, which are small files placed on the hard drive of Your computer or mobile device, and web beacons, to collect information about your equipment, browsing patterns and actions. Data collected from cookies and web beacons might include information on a web browser, details of your visits to the ACC Immigration Website, including inter alia, traffic data and logs, page views and an internet protocol address.

Personal Data collected from third-party sources:

In order to provide the optimum service to You, We have contracted with third-party suppliers and service providers. We may obtain Personal Data about You from third parties, including but not limited to:

  • Google Analytics: This is a third-party tool by Google Inc that helps gather data. Google Analytics offers an opt-out option (add-on required). This tool allows us to understand more about our visitor; for example, information such as the website visitor’s location and device used, including information on the visitor’s demographic.
  • Google Ads: This third-party tool carries out similar functionalities to Google Analytics however it is limited to the tracking of ads shown to the user.
  • Unbounce: This is a third-party tool which gathers IP Addresses of visitors to the ACC Immigration website.
  • Hotjar: This third-party tool allows us to gather helpful data such as location data and information regarding the visitor’s specific attention to on-screen links and choices.
  • Our CRM System: The Request for Proposal system also collects the internet protocol address of each visitor to our website who send a Request for Proposal to us.
  • Other Service Providers: In order to be able to fulfil our contractual obligation with You, if any, we may engage third party companies to assist. In order to provide you with the best service possible, we might need to share data with our service providers.

We require that any third parties providing information has obtained such information lawfully and that the third party has obtained the appropriate consent to share the information. We work hard to ensure that data collected from third parties is lawfully obtained, stored and shared, however we are not in a position to ascertain this fully, and therefore, we shall not be deemed responsible for any breach carried out by our third parties.

 

3. How We use your data?

In line with the principle of data minimization and data economy, we only collect personal data and processes it on the following legal basis:

  • To contact You, to respond to your queries, complaints or questions, to troubleshoot and diagnose problems, complaints or questions.
  • To operate the ACC Immigration Website, ensuring security and integrity, to enforce our agreements and policies.
  • To carry out our contractual obligations, if any, with You and provide You with the best service possible.
  • For legitimate interest, primarily to protect us from legal action or claims from third parties, including you and/or to protect our legal rights and/or those of our employees, including to ensure apt performance of the website for the desired end-user experience.

We endeavour not to collect additional Personal Data or use the Personal Data we have collected for materially different, unrelated or incompatible purposes without asking for your consent.

We ensure the maximum level of safety and adopt high security measures to prevent unauthorized access, disclosure, modification or unauthorized distribution of data. The data processing is carried out using computers and/or IT enabled tools, following organizational procedures and modes strictly related to the purposes indicated. In some cases, the data may be accessible to certain types of persons in charge, involved with the operation of this ACC Immigration website (such as, but not limited to, administration, marketing, legal and system administration) as data processors by Us.

Legal Basis

When processing your Personal Data, we rely solely on the following legal basis:

Consent – As per Article 6(1) (a) of the GDPR, processing of data is lawful when the data subject gives consent to the processing for a specific purpose. We will process your personal data when you consent. By ticking or choosing the ‘I accept’ or ‘I agree’ options when faced with the choice, You consent for us to process your Personal Data. Such consent can be easily withdrawn at any time.

Necessary – We shall lawfully process personal data if it is necessary for the performance of a contract to which You are a party, or in order to conclude the required legal and customary steps to enter into a contract with You.

Moreover, We may legally process data if it is necessary for compliance and adherence to legal obligations to which We are subject [3]or if required to protect Your vital interest or that of any other natural person[4] or it is necessary for the performance of any task carries out in the public interest or in the exercise of an official authority vested to Us[5].

Legitimate Interest – As per Article 6(1)(f) of the GDPR, We process certain data in order to improve the ACC Immigration Website and to troubleshoot and eliminate certain technical problems and to develop new features.

 

4.    Who has access to your data?

We do not share your Personal Data with third parties for their marketing purposes. However, we might share anonymous or hashed data with third parties for our own marketing purposes. In line with the consent which you have provided we might share data in the following ways:

Our service providers – We may share your Personal Data with our service providers, such as inter alia, data storage company and other third parties who might be from time to time engaged to perform specific tasks for Us.

ACC Immigration – Employees and owners of the ACC Immigration Website may have access to your data should this be required. Moreover, owners might share your data during business enlargement, consolidation or bankruptcy.

Legal Requirements – We might be asked by law enforcement agencies to disclose your Personal Data for the establishing of any legal or litigious right by the competent authorities, in cases of evident prima facie mala fides from Your end.

Your request – As per the GDPR – in the event that You decide to access Your right to data portability as per below, we have no option but to transfer Your Personal Data accordingly.

 

5.    How We store Your data

We maintain sophisticated and top of the line data protection practices when it comes to securing Your Personal Data, in order to protect it. We use commercially available physical and technical safeguards which have been designed to secure Your Personal Data from loss, or unauthorized access or use. Additionally, we do not share Personal Data which We collect unless in line with this Policy. We have adopted a ‘need-to-know’ policy, and therefore Personal Data is only disclosed to only employees who strictly need to know Your Personal Data in order to provide You services.

This notwithstanding, We are aware that despite we take all the measures which are feasibly available to Us, there might be rare instances of data loss or damage due to accidents which are beyond our control. No method of transmitting data over the internet can be classified as without risk.

Any transmission of Personal Data is done at Your own risk and We cannot guarantee that such Personal Data may not be accessed, disclosed or altered by unauthorized persons.

 

6.    Data Retention

In light of the GDPR provisions[6], We keep Personal Data as long as necessary in order to keep up with our legal obligations. Therefore, unless you explicitly request to have Your Personal Data deleted as per the below, We will retain your Personal Data in our secure database for as long as is needed to rectify any concern or query for which the data was relayed to us.

Notwithstanding the previous provision, Personal Data collected might be kept for an additional period as may be required for legal reasons or for legitimate and lawful business purposes.

 

7.    Your Rights

We would like to make sure you are fully aware of all of your data protection rights. Every user is entitled to the following:

The Right to Access Your Persona Data[7] – You have the right to request for copies of Personal Data which has been collected concerning Yourself. You can access this right at reasonable intervals. This right should not adversely affect the rights or freedoms or others, including intellectual property rights, trade secrets or software copyright held by Us.

The Right to Rectification[8] – You have the right to request that without unjust delay We correct any information You relayed to Us, which You believe is inaccurate. You also have the right to request to complete information which You have relayed to us which You believe is incomplete, by providing a supplementary statement.

The Right to Erasure[9] – You have the right to request the erasure of Your Personal Data without undue delay and We shall erase such Personal Data as considerably soon as possible when one of the following grounds apply:

  • The Personal Data is no longer necessary in relation to the purpose for which it was collected or processed
  • You withdraw consent on which processing is based or there is no longer a legal ground for the processing;
  • You object to the processing pursuant to Article 21 (1) of the GDPR and there are no overriding legitimate grounds for the processing; or
  • The processing was unlawful.

The above right shall not apply to the extent that processing is necessary for the establishment, exercise or defense of legal claims.

The Right to lodge a complaint with a supervisory authority – You have the right to lodge a complaint with the pertinent supervisory authority where You consider that the processing of Your Personal Data infringes any point contained in this Privacy Policy or any provision in the GDPR. In terms of Article 12(4) GDPR, Further to a notification from Us, that We will not be taking action as per the request made by Yourself pursuant to one of the rights contained herein or to any other right which may be invoked by Yourself under the GDPR, You have the right to lodge a complaint with a supervisory authority for the possibility of seeking a judicial remedy thereto on the basis of such decision.

The Right to Restrict Processing[10] – You have the right to request that We restrict the processing of Your personal data, under certain conditions:

  • The accuracy of the Personal Data is contested by Yourself, for a period, to enable us to verify the accuracy of such Personal Data.
  • The processing is unlawful and You oppose to the erasure of the Personal Data and restrict use instead.
  • We no longer need to process Your Personal Data, but such Personal Data is required by Yourself for the establishment, exercise or defense of legal claims.
  • You have objected to the processing in line with Article 21(1) of the GDPR, pending verification whether the Our legitimate grounds override those of the data subject.

When Personal Data is restricted in line with the above, such data may only be processed with Your consent.

The Right to withdrawal – You have the right to withdraw the consent You gave Us to process your Personal Data for the purposes herein mentioned, if either point (a) of Article 6(1) or point (a) of Article 9(2) of the GDPR have been utilized as a lawful basis to process the Personal Data.

Exception to Abovementioned Rights

In line with Article 12(2) of the GDPR, the effective exercise of Your rights under Articles 15 to 22 of the GDPR inter alia, may be refused to be effected, if We deem that We are unable to identify the data subject concerned.

 

8.    International Transfer of Data

The personal non-public data we collect from You is collected, stored or processed within the EU/EEA. We may work with providers which are located outside the EU/EEA. However, we endeavour to transfer data to such providers following adoption of the adequate safeguards. Such appropriate safeguards include contractual arrangements the standard contractual clauses approved by the European Commission.

 

9.    Automated Decision Making

ACC Advisors Ltd does not use any Personal Data provided by Yourself for the purpose of automated decision-making.

 

10. Changes

We keep this Privacy Policy under regular review and place any updates on this web page. This Privacy Policy was last updated on 31/05/2022.

 

11.  Contact Us

If you have any comments, concerns or questions about this Privacy Policy or our privacy practice, please send an email to info@accadvisors.eu.

[1] Article 13, General Data Protection Regulation.

[2] Article 14, General Data Protection Regulation.

[3] Article 6 (c), General Data Protection Regulation.

[4] Article 6 (d), General Data Protection Regulation.

[5] Article 6 (e), General Data Protection Regulation.

[6] Article 5 (e), General Data Protection Regulation

[7] Recital 63 & Article 15, General Data Protection Regulation.

[8] Article 16, General Data Protection Regulation.

[9] Article 17, General Data Protection Regulation.

[10] Article 18, General Data Protection Regulation.